.

How do you use John the Ripper - non-tech question

<<

ants

Newbie
Newbie

Posts: 25

Joined: Sun Mar 15, 2009 8:51 am

Location: Ireland

Post Mon Jun 15, 2009 5:59 pm

How do you use John the Ripper - non-tech question

Please note, this is not a technical question.

I am doing some research on Dictionary based password cracking that will hopefully be of use for optimisation.

So I was wondering how do most professional hackers use JTR.

Do you normally use it for just cracking one password at a time or do you use a short or long list of passwords? Also, how long would you leave it running before you gave up and tried another method?

Thanks

Ants
Last edited by ants on Mon Jun 15, 2009 6:02 pm, edited 1 time in total.
CEH, GPEN, GCFW
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Mon Jun 15, 2009 10:30 pm

Re: How do you use John the Ripper - non-tech question

Well, I wouldn't call myself a professional hacker, but I use JTR mostly on Linux.  On Windows, I prefer Cain and Abel.  I use it for both, a single password and groups of passwords cracking.    I typically don't run it for more than a few days. 
~~~~~~~~~~~~~~
Ketchup
<<

Jhaddix

User avatar

Sr. Member
Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Mon Jun 15, 2009 10:59 pm

Re: How do you use John the Ripper - non-tech question

however many hashes i get from a box is how many i run john on, and will continue to run it on a non production machine until the engagement is close to reporting. Distributed jtr is my next goal to quicken the cracking process. jtr is vital to pentests, hope that helps
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Tue Jun 16, 2009 12:08 am

Re: How do you use John the Ripper - non-tech question

I really like JTR too but I don't need it often. I use it for both single and multi. Depending if time is an important key I would let it run also for a longer period of time on a seperate machine.
<<

jimbob

Post Tue Jun 16, 2009 2:21 am

Re: How do you use John the Ripper - non-tech question

It depends on what you are trying to achieve. If you just want to prove a point JTR in single crack mode can reveal the weakest passwords in seconds and demonstrates the need for good password policy. I use longer runs when I want to leverage the passwords I find to get deeper.

Jimbob
<<

ants

Newbie
Newbie

Posts: 25

Joined: Sun Mar 15, 2009 8:51 am

Location: Ireland

Post Tue Jun 16, 2009 8:35 am

Re: How do you use John the Ripper - non-tech question

Hey thanks guys. That helps me a lot.
CEH, GPEN, GCFW

Return to Other

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software